AWS Certified Advanced Networking Specialty Exam: ANS-C01

A network engineer has deployed an Amazon EC2 instance in a private subnet in a VPC. The VPC has no public subnet. The EC2 instancehosts application code that sends messages to an Amazon Simple Queue Service (Amazon SQS) queue. The subnet has the default networkACL with no modification applied. The EC2 instance has the default security group with no modification applied.The SQS queue is not receiving messages.Which of the following are possible causes of this problem? (Choose two.)

A. The EC2 instance is not attached to an IAM role that allows write operations to Amazon SQS.

B. The security group is blocking traffic to the IP address range used by Amazon SQS

C. There is no interface VPC endpoint configured for Amazon SQS

D. The network ACL is blocking return traffic from Amazon SQS

E. There is no route configured in the subnet route table for the IP address range used by Amazon SQS

A company needs to transfer data between its VPC and its on-premises data center. The data must travel through a connection that hasdedicated bandwidth. The data also must be encrypted in transit. The company has been working with an AWS Partner Network (APN) Partnerto establish the connection.Which combination of steps will meet these requirements? (Choose three.)

A. Request a hosted connection from the APN Partner.

B. Request a hosted public VIF from the APN Partner.

C. Create an AWS Site-to-Site VPN connection.

D. Create an AWS Client VPN connection.

E. Create a private VIF.

F. Create a public VIF.

A company is running an online game on AWS. The game is played globally and is gaining popularity. Users are reporting problems with thegame's responsiveness. Replay rates are dropping, and the company is losing subscribers. Game servers are located in the us-west-2 Regionand use an Elastic Load Balancer to distribute client traffic.The company has decided to deploy game servers to 11 additional AWS Regions to reduce the round-trip times of network traffic to gameclients. A network engineer must design a DNS solution that uses Amazon Route 53 to ensure that user traffic is delivered to game serverswith an optimal response time.What should the network engineer do to meet these requirements?

A. Create Route 53 records for the Elastic Load Balancers in each Region. Specify a weighted routing policy. Calculate the weight by usingthe number of clients in each Region.

B. Create Route 53 records for the Elastic Load Balancers in each Region. Specify a latency routing policy. Set the Region to the Regionwhere the Elastic Load Balancer is deployed.

C. Create Route 53 records for the Elastic Load Balancers in each Region. Specify a multivalue answer routing policy. Test latency fromthe game client, and connect to the server with the best response.

D. Create Route 53 records for the Elastic Load Balancers in each Region. Specify a geolocation routing policy. Set the location to theRegion where the Elastic Load Balancer is deployed.